196.21.118.105

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Walter Sisulu University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 196.21.118.105 on Port 445(SMB)	2020-08-22 19:59:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.21.118.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60975
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.21.118.105.			IN	A

;; AUTHORITY SECTION:
.			353	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082200 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 22 19:59:29 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 105.118.21.196.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.118.21.196.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.22.146.89	attackspam	scan z	2019-08-24 06:12:52
103.35.171.46	attackspam	2019-08-23 17:01:28 H=(103.35.171-46.cyberwaybd.net) [103.35.171.46]:54650 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=103.35.171.46) 2019-08-23 17:01:28 unexpected disconnection while reading SMTP command from (103.35.171-46.cyberwaybd.net) [103.35.171.46]:54650 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-08-23 17:25:58 H=(103.35.171-46.cyberwaybd.net) [103.35.171.46]:29222 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=103.35.171.46) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.35.171.46	2019-08-24 06:03:19
138.219.228.96	attackspambots	Port Scan detected from 138.219.228.96 (CL/Chile/smtp2.taisaplus.com). 4 hits in the last 15 seconds	2019-08-24 06:04:23
134.209.44.215	attackbots	Aug 23 20:18:56 localhost sshd\[23990\]: Invalid user naoneo from 134.209.44.215 port 48282 Aug 23 20:18:56 localhost sshd\[23990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.44.215 Aug 23 20:18:58 localhost sshd\[23990\]: Failed password for invalid user naoneo from 134.209.44.215 port 48282 ssh2	2019-08-24 05:37:11
96.48.244.48	attack	$f2bV_matches	2019-08-24 05:39:33
62.234.109.203	attack	Aug 23 23:09:06 minden010 sshd[29451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.109.203 Aug 23 23:09:08 minden010 sshd[29451]: Failed password for invalid user master from 62.234.109.203 port 51437 ssh2 Aug 23 23:16:36 minden010 sshd[32089]: Failed password for root from 62.234.109.203 port 57049 ssh2 ...	2019-08-24 05:50:46
71.6.233.44	attackbotsspam	22222/tcp 8002/tcp 2086/tcp... [2019-06-28/08-23]8pkt,6pt.(tcp),1pt.(udp)	2019-08-24 05:59:06
196.196.219.18	attackspam	Aug 23 21:02:05 ns315508 sshd[27142]: Invalid user sbin from 196.196.219.18 port 49690 Aug 23 21:02:05 ns315508 sshd[27142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.196.219.18 Aug 23 21:02:05 ns315508 sshd[27142]: Invalid user sbin from 196.196.219.18 port 49690 Aug 23 21:02:06 ns315508 sshd[27142]: Failed password for invalid user sbin from 196.196.219.18 port 49690 ssh2 Aug 23 21:08:45 ns315508 sshd[27422]: Invalid user mcserver from 196.196.219.18 port 57632 ...	2019-08-24 06:09:47
2.38.186.191	attackspambots	37215/tcp 23/tcp 60001/tcp... [2019-08-03/23]6pkt,3pt.(tcp)	2019-08-24 05:40:38
220.135.132.158	attackbotsspam	DATE:2019-08-23 18:16:55, IP:220.135.132.158, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-08-24 06:06:46
142.93.178.87	attack	Aug 23 23:21:01 [host] sshd[11092]: Invalid user deploy from 142.93.178.87 Aug 23 23:21:01 [host] sshd[11092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.178.87 Aug 23 23:21:03 [host] sshd[11092]: Failed password for invalid user deploy from 142.93.178.87 port 37558 ssh2	2019-08-24 05:52:27
51.255.39.143	attack	Invalid user ward from 51.255.39.143 port 49216	2019-08-24 06:07:58
146.185.25.172	attack	7100/tcp 8000/tcp 8081/tcp... [2019-07-01/08-23]24pkt,10pt.(tcp),2pt.(udp)	2019-08-24 06:10:08
94.23.207.142	attack	Aug 23 20:24:35 localhost sshd\[24770\]: Invalid user wpadmin from 94.23.207.142 port 59316 Aug 23 20:24:35 localhost sshd\[24770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.207.142 Aug 23 20:24:37 localhost sshd\[24770\]: Failed password for invalid user wpadmin from 94.23.207.142 port 59316 ssh2	2019-08-24 05:52:48
106.75.13.73	attack	SSH invalid-user multiple login try	2019-08-24 06:16:06

Recently Reported IPs

128.153.31.91	14.177.214.49	190.167.84.50	51.15.78.73
113.105.223.82	8.140.121.127	140.174.99.15	51.15.254.110
120.92.174.161	111.230.244.13	51.15.122.52	14.235.93.42
218.166.27.44	184.22.55.204	177.72.208.43	123.25.85.126
217.90.181.213	245.208.70.11	148.233.133.62	195.151.2.95